Menu
▾
▴
[Shorewall-users] masq file: interface or ip address in source field?
|
From: Rags <rag...@gm...> - 2009-09-30 05:09:13
|
Hello, I'm using Shorewall perl 4.4.1.2 with two pppoe connections, with fail-over and load balancing. When I upgraded to Shorewall-perl, I saw a bunch of warnings pop up after I start/restart Shorewall. One was about the masq file , wherein instead of using interface names, IP-addresses were to be used. So I made the changes to the masq file like so. #INTERFACE SOURCE ADDRESS PROTO PORT(S) IPSEC MARK ppp0 $PPP1_IP $PPP0_IP ppp1 $PPP0_IP $PPP1_IP ppp0 192.168.32.1 ppp1 192.168.32.1 But, after that whenever I restart shorewall, I get a warning that both the providers are down and no default route is added. But both the lines are in fact up and when I revert the changes to the masq file everything goes back to normal. I don't understand how that change in the masq file affected this. Shorewall -vvv restart output : Shorewall-generated routing tables and routing rules removed Adding Providers... WARNING: Gateway is not reachable -- Provider BSNL8m (1) not Added WARNING: Gateway is not reachable -- Provider BSNL256 (2) not Added WARNING: No Default route added (all 'balance' providers are down) Setting up Traffic Control... Also, One question I had about "loose" in the providers file. What I understand is with out "loose" all traffic goes through hard coded paths, while with "loose" there is more ambiguity and more uncertainty to which outgoing line a packet will take and thus more "balanced" traffic. Is this the case? Is my understanding correct here? "loose" Omits certain route rules, so that is an advantage in terms of more balanced traffic? Thanks, -- Raghu Siddarth |
